Outpost API Reference

Introduction

The Outpost REST API is a JSON API for managing tenants, destinations, and publishing events to your webhook infrastructure.

Outpost API versions are included in the base URL. Managed deployments use calendar versioning (i.e. /2025-07-01), while OSS/self-hosted deployments use /v1 as the API prefix.

Managed URL: https://api.outpost.hookdeck.com/2025-07-01

Self-hosted URL: https://outpost.your-domain.com/api/v1

Authentication

The Outpost API supports two authentication methods depending on the operation:

Method	Description
Admin API Key	Bearer token for all admin operations. Set via the `API_KEY` environment variable (self-hosted) or the Hookdeck dashboard (managed).
Tenant JWT	Per-tenant JWT token valid for 24 hours. Used for tenant-scoped operations and portal access. Generated via the Get Tenant JWT Token endpoint.

Include your credentials as a Bearer token in every request.

Using Admin API Key

shell

curl https://api.outpost.hookdeck.com/2025-07-01/tenants \
  -H "Authorization: Bearer $API_KEY"

Using Tenant JWT

shell

curl https://api.outpost.hookdeck.com/2025-07-01/tenants/t1/destinations \
  -H "Authorization: Bearer $TENANT_JWT"

Errors

Outpost returns JSON error responses with a consistent shape across API endpoints. The status field matches the HTTP status code, message describes the error, and data is included when additional details are available.

Field	Type	Description
`status`	Integer	HTTP status code for the response.
`message`	String	Human-readable error message.
`data`	Array or object	Optional details about the error. Validation errors use an array of messages.

Common error responses include:

Status	Description
`400`	Malformed JSON or invalid request parameters.
`401`	Missing or invalid authentication credentials.
`404`	Requested resource not found.
`422`	Request body fails validation.
`500`	Unexpected server error.

Rate Limits

The Outpost API applies rate limits per API key to ensure system stability. The default rate limit is 240 requests per minute. If you need a higher rate limit, contact us to increase it.

Rate limits are only applicable with managed deployments. Self-hosted deployments do not have rate limits and the operator is responsible for managing the service capacity.

When a rate limit is exceeded, the API returns a 429 Too Many Requests response. Retry the request after the interval indicated in the Retry-After header.

Header	Description
`X-RateLimit-Limit`	Maximum requests allowed in the current window
`X-RateLimit-Remaining`	Requests remaining in the current window
`X-RateLimit-Reset`	Unix timestamp when the current window resets
`Retry-After`	Seconds to wait before retrying (present on 429 responses)

HTTP/1.1 429 Too Many Requests
Retry-After: 1
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1704067260

{
  "error": "rate limit exceeded"
}

OpenAPI Schema

The Outpost OpenAPI schema is available and can be used to generate SDKs, import into Postman, or work with any OpenAPI-compatible tooling.

The schema is available in the Outpost GitHub repository.

To import the schema into Postman, use File → Import → Link → paste the URL above

SDKs

Official SDKs for the Outpost API are available for Go, TypeScript, and Python. All SDKs are generated by Speakeasy from the OpenAPI schema and published to their respective package registries.

Language	Package	Repository
TypeScript	`@hookdeck/outpost-sdk`	GitHub
Python	`outpost-sdk`	GitHub
Go	`outpost-go`	GitHub

Install the Node.js SDK

Shell

npm install @hookdeck/outpost-sdk

Install the Python SDK

Shell

pip install outpost-sdk

Install the Go SDK

Shell

go get github.com/hookdeck/outpost/sdks/outpost-go

Tenants

The API segments resources per tenant. A tenant represents a user/team/organization in your product. The provided value determines the tenant's ID, which can be any string representation.

If your system is not multi-tenant, create a single tenant with a hard-code tenant ID upon initialization. If your system has a single tenant but multiple environments, create a tenant per environment, like live and test.

Example tenant object

JSON

{
  "id": "123",
  "destinations_count": 5,
  "topics": [
    "user.created",
    "user.deleted"
  ],
  "metadata": {
    "name": "Acme Inc."
  },
  "created_at": "2024-01-01T00:00:00Z",
  "updated_at": "2024-01-01T00:00:00Z"
}

List Tenants

List all tenants with cursor-based pagination.

When self-hosting this endpoint requires Redis with RediSearch module (e.g., redis/redis-stack-server). If RediSearch is not available, this endpoint returns 501 Not Implemented.

When authenticated with a Tenant JWT, returns only the authenticated tenant.

GET

/tenants

Request

Shell

curl -X GET \
  "https://api.outpost.hookdeck.com/2025-07-01/tenants" \
  -H "Authorization: Bearer $API_KEY"

Response

JSON

{
  "models": [
    {
      "id": "123",
      "destinations_count": 5,
      "topics": [
        "user.created",
        "user.deleted"
      ],
      "metadata": {
        "name": "Acme Inc."
      },
      "created_at": "2024-01-01T00:00:00Z",
      "updated_at": "2024-01-01T00:00:00Z"
    }
  ],
  "pagination": {
    "order_by": "created_at",
    "dir": "desc",
    "limit": 100,
    "next": "MTcwNDA2NzIwMA==",
    "prev": null
  },
  "count": 42
}

Get Tenant

Retrieves details for a specific tenant.

GET

/tenants/tenant_id

Request

Shell

curl -X GET \
  "https://api.outpost.hookdeck.com/2025-07-01/tenants/<tenant_id>" \
  -H "Authorization: Bearer $API_KEY"

Response

JSON

{
  "id": "123",
  "destinations_count": 5,
  "topics": [
    "user.created",
    "user.deleted"
  ],
  "metadata": {
    "name": "Acme Inc."
  },
  "created_at": "2024-01-01T00:00:00Z",
  "updated_at": "2024-01-01T00:00:00Z"
}

Create or Update Tenant

Idempotently creates or updates a tenant. Required before associating destinations.

PUT

/tenants/tenant_id

Request

Shell

curl -X PUT \
  "https://api.outpost.hookdeck.com/2025-07-01/tenants/<tenant_id>" \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
  "metadata": {}
}'

Response

JSON

{
  "id": "123",
  "destinations_count": 5,
  "topics": [
    "user.created",
    "user.deleted"
  ],
  "metadata": {
    "name": "Acme Inc."
  },
  "created_at": "2024-01-01T00:00:00Z",
  "updated_at": "2024-01-01T00:00:00Z"
}

Delete Tenant

Deletes the tenant and all associated destinations.

DELETE

/tenants/tenant_id

Request

Shell

curl -X DELETE \
  "https://api.outpost.hookdeck.com/2025-07-01/tenants/<tenant_id>" \
  -H "Authorization: Bearer $API_KEY"

Response

JSON

{
  "success": true
}

Get Portal Redirect URL

Returns a redirect URL containing a JWT to authenticate the user with the portal. Requires Admin API Key.

GET

/tenants/tenant_id/portal

Request

Shell

curl -X GET \
  "https://api.outpost.hookdeck.com/2025-07-01/tenants/<tenant_id>/portal" \
  -H "Authorization: Bearer $API_KEY"

Response

JSON

{
  "redirect_url": "https://webhooks.acme.com/?token=JWT_TOKEN&tenant_id=tenant_123",
  "tenant_id": "tenant_123"
}

Get Tenant JWT Token

Returns a JWT token scoped to the tenant for safe browser API calls. Requires Admin API Key.

GET

/tenants/tenant_id/token

Request

Shell

curl -X GET \
  "https://api.outpost.hookdeck.com/2025-07-01/tenants/<tenant_id>/token" \
  -H "Authorization: Bearer $API_KEY"

Response

JSON

{
  "token": "SOME_JWT_TOKEN",
  "tenant_id": "tenant_123"
}

Destinations

Destinations are the endpoints where events are sent. Each destination is associated with a tenant and can be configured to receive specific event topics.

The topics array can contain either a list of topics or a wildcard * implying that all topics are supported. If you do not wish to implement topics for your application, you set all destination topics to *.

By default all destination credentials are obfuscated and the values cannot be read. This does not apply to the webhook type destination secret and each destination can expose their own obfuscation logic.

Example destination object

JSON

{
  "id": "des_webhook_123",
  "type": "webhook",
  "topics": [
    "user.created",
    "order.shipped"
  ],
  "disabled_at": null,
  "created_at": "2024-02-15T10:00:00Z",
  "updated_at": "2024-02-15T10:00:00Z",
  "config": {
    "url": "https://my-service.com/webhook/handler"
  },
  "credentials": {
    "secret": "whsec_abc123def456",
    "previous_secret": "whsec_prev789xyz012",
    "previous_secret_invalid_at": "2024-02-16T10:00:00Z"
  }
}

List Destinations

Return a list of the destinations for the tenant. The endpoint is not paged.

GET

/tenants/tenant_id/destinations

Request

Shell

curl -X GET \
  "https://api.outpost.hookdeck.com/2025-07-01/tenants/<tenant_id>/destinations" \
  -H "Authorization: Bearer $API_KEY"

Response

JSON

[
  {
    "id": "des_webhook_123",
    "type": "webhook",
    "topics": [
      "user.created",
      "order.shipped"
    ],
    "disabled_at": null,
    "created_at": "2024-02-15T10:00:00Z",
    "updated_at": "2024-02-15T10:00:00Z",
    "config": {
      "url": "https://my-service.com/webhook/handler"
    },
    "credentials": {
      "secret": "whsec_abc123def456",
      "previous_secret": "whsec_prev789xyz012",
      "previous_secret_invalid_at": "2024-02-16T10:00:00Z"
    }
  }
]

Create Destination

Creates a new destination for the tenant. The request body structure depends on the type.

POST

/tenants/tenant_id/destinations

Request

Shell

curl -X POST \
  "https://api.outpost.hookdeck.com/2025-07-01/tenants/<tenant_id>/destinations" \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "user-provided-id",
  "topics": "*",
  "filter": {
    "data": {
      "amount": {
        "$gte": 100
      },
      "customer": {
        "tier": "premium"
      }
    }
  },
  "config": {
    "url": "https://example.com/webhooks/user",
    "custom_headers": "{\"x-api-key\":\"secret123\",\"x-tenant-id\":\"customer-456\"}"
  },
  "credentials": {
    "secret": "whsec_abc123",
    "previous_secret": "whsec_xyz789",
    "previous_secret_invalid_at": "2024-01-02T00:00:00Z"
  },
  "delivery_metadata": {
    "app-id": "my-app",
    "region": "us-east-1"
  },
  "metadata": {
    "internal-id": "123",
    "team": "platform"
  },
  "created_at": "2024-02-15T10:00:00Z",
  "updated_at": "2024-02-15T10:00:00Z",
  "disabled_at": null
}'

Response

JSON

{
  "id": "des_webhook_123",
  "type": "webhook",
  "topics": [
    "user.created",
    "order.shipped"
  ],
  "disabled_at": null,
  "created_at": "2024-02-15T10:00:00Z",
  "updated_at": "2024-02-15T10:00:00Z",
  "config": {
    "url": "https://my-service.com/webhook/handler"
  },
  "credentials": {
    "secret": "whsec_abc123def456",
    "previous_secret": "whsec_prev789xyz012",
    "previous_secret_invalid_at": "2024-02-16T10:00:00Z"
  }
}

Get Destination

Retrieves details for a specific destination.

GET

/tenants/tenant_id/destinations/destination_id

Request

Shell

curl -X GET \
  "https://api.outpost.hookdeck.com/2025-07-01/tenants/<tenant_id>/destinations/<destination_id>" \
  -H "Authorization: Bearer $API_KEY"

Response

JSON

{
  "id": "des_webhook_123",
  "type": "webhook",
  "topics": [
    "user.created",
    "order.shipped"
  ],
  "disabled_at": null,
  "created_at": "2024-02-15T10:00:00Z",
  "updated_at": "2024-02-15T10:00:00Z",
  "config": {
    "url": "https://my-service.com/webhook/handler"
  },
  "credentials": {
    "secret": "whsec_abc123def456",
    "previous_secret": "whsec_prev789xyz012",
    "previous_secret_invalid_at": "2024-02-16T10:00:00Z"
  }
}

Update Destination

Updates the configuration of an existing destination. The request body structure depends on the destination's type. Type itself cannot be updated. May return an OAuth redirect URL for certain types.

PATCH

/tenants/tenant_id/destinations/destination_id

Request

Shell

curl -X PATCH \
  "https://api.outpost.hookdeck.com/2025-07-01/tenants/<tenant_id>/destinations/<destination_id>" \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
  "topics": "*",
  "filter": {
    "data": {
      "amount": {
        "$gte": 100
      },
      "customer": {
        "tier": "premium"
      }
    }
  },
  "config": {
    "url": "https://example.com/webhooks/user",
    "custom_headers": "{\"x-api-key\":\"secret123\",\"x-tenant-id\":\"customer-456\"}"
  },
  "credentials": {},
  "delivery_metadata": {
    "app-id": "my-app",
    "region": "us-east-1"
  },
  "metadata": {
    "internal-id": "123",
    "team": "platform"
  },
  "disabled_at": null
}'

Response

JSON

{
  "id": "des_webhook_123",
  "type": "webhook",
  "topics": [
    "user.created",
    "order.shipped"
  ],
  "disabled_at": null,
  "created_at": "2024-02-15T10:00:00Z",
  "updated_at": "2024-02-15T10:00:00Z",
  "config": {
    "url": "https://my-service.com/webhook/handler"
  },
  "credentials": {
    "secret": "whsec_abc123def456",
    "previous_secret": "whsec_prev789xyz012",
    "previous_secret_invalid_at": "2024-02-16T10:00:00Z"
  }
}

Delete Destination

Deletes a specific destination.

DELETE

/tenants/tenant_id/destinations/destination_id

Request

Shell

curl -X DELETE \
  "https://api.outpost.hookdeck.com/2025-07-01/tenants/<tenant_id>/destinations/<destination_id>" \
  -H "Authorization: Bearer $API_KEY"

Response

JSON

{
  "success": true
}

Enable Destination

Enables a previously disabled destination.

PUT

/tenants/tenant_id/destinations/destination_id/enable

Request

Shell

curl -X PUT \
  "https://api.outpost.hookdeck.com/2025-07-01/tenants/<tenant_id>/destinations/<destination_id>/enable" \
  -H "Authorization: Bearer $API_KEY"

Response

JSON

{
  "id": "des_webhook_123",
  "type": "webhook",
  "topics": [
    "user.created",
    "order.shipped"
  ],
  "disabled_at": null,
  "created_at": "2024-02-15T10:00:00Z",
  "updated_at": "2024-02-15T10:00:00Z",
  "config": {
    "url": "https://my-service.com/webhook/handler"
  },
  "credentials": {
    "secret": "whsec_abc123def456",
    "previous_secret": "whsec_prev789xyz012",
    "previous_secret_invalid_at": "2024-02-16T10:00:00Z"
  }
}

Disable Destination

Disables a previously enabled destination.

PUT

/tenants/tenant_id/destinations/destination_id/disable

Request

Shell

curl -X PUT \
  "https://api.outpost.hookdeck.com/2025-07-01/tenants/<tenant_id>/destinations/<destination_id>/disable" \
  -H "Authorization: Bearer $API_KEY"

Response

JSON

{
  "id": "des_webhook_123",
  "type": "webhook",
  "topics": [
    "user.created",
    "order.shipped"
  ],
  "disabled_at": null,
  "created_at": "2024-02-15T10:00:00Z",
  "updated_at": "2024-02-15T10:00:00Z",
  "config": {
    "url": "https://my-service.com/webhook/handler"
  },
  "credentials": {
    "secret": "whsec_abc123def456",
    "previous_secret": "whsec_prev789xyz012",
    "previous_secret_invalid_at": "2024-02-16T10:00:00Z"
  }
}

List Destination Attempts

Retrieves a paginated list of attempts scoped to a specific destination.

GET

/tenants/tenant_id/destinations/destination_id/attempts

Request

Shell

curl -X GET \
  "https://api.outpost.hookdeck.com/2025-07-01/tenants/<tenant_id>/destinations/<destination_id>/attempts" \
  -H "Authorization: Bearer $API_KEY"

Response

JSON

{
  "pagination": {
    "order_by": "created_at",
    "dir": "desc",
    "limit": 100,
    "next": "MTcwNDA2NzIwMA==",
    "prev": null
  },
  "models": [
    {
      "id": "atm_123",
      "tenant_id": "tnt_123",
      "status": "success",
      "time": "2024-01-01T00:00:05Z",
      "code": "200",
      "response_data": {
        "status_code": 200,
        "body": "{\"status\":\"ok\"}",
        "headers": {
          "content-type": "application/json"
        }
      },
      "attempt_number": 1,
      "manual": false,
      "event_id": "evt_123",
      "destination_id": "des_456",
      "event": {
        "id": "evt_123",
        "tenant_id": "tnt_123",
        "destination_id": "des_456",
        "topic": "user.created",
        "time": "2024-01-01T00:00:00Z",
        "eligible_for_retry": true,
        "metadata": {
          "source": "crm"
        }
      },
      "destination": {
        "id": "des_webhook_123",
        "type": "webhook",
        "topics": [
          "user.created",
          "order.shipped"
        ],
        "disabled_at": null,
        "created_at": "2024-02-15T10:00:00Z",
        "updated_at": "2024-02-15T10:00:00Z",
        "config": {
          "url": "https://my-service.com/webhook/handler"
        },
        "credentials": {
          "secret": "whsec_abc123def456",
          "previous_secret": "whsec_prev789xyz012",
          "previous_secret_invalid_at": "2024-02-16T10:00:00Z"
        }
      }
    }
  ]
}

Get Destination Attempt

Retrieves details for a specific attempt scoped to a destination.

GET

/tenants/tenant_id/destinations/destination_id/attempts/attempt_id

Request

Shell

curl -X GET \
  "https://api.outpost.hookdeck.com/2025-07-01/tenants/<tenant_id>/destinations/<destination_id>/attempts/<attempt_id>" \
  -H "Authorization: Bearer $API_KEY"

Response

JSON

{
  "id": "atm_123",
  "tenant_id": "tnt_123",
  "status": "success",
  "time": "2024-01-01T00:00:05Z",
  "code": "200",
  "response_data": {
    "status_code": 200,
    "body": "{\"status\":\"ok\"}",
    "headers": {
      "content-type": "application/json"
    }
  },
  "attempt_number": 1,
  "manual": false,
  "event_id": "evt_123",
  "destination_id": "des_456",
  "event": {
    "id": "evt_123",
    "tenant_id": "tnt_123",
    "destination_id": "des_456",
    "topic": "user.created",
    "time": "2024-01-01T00:00:00Z",
    "eligible_for_retry": true,
    "metadata": {
      "source": "crm"
    }
  },
  "destination": {
    "id": "des_webhook_123",
    "type": "webhook",
    "topics": [
      "user.created",
      "order.shipped"
    ],
    "disabled_at": null,
    "created_at": "2024-02-15T10:00:00Z",
    "updated_at": "2024-02-15T10:00:00Z",
    "config": {
      "url": "https://my-service.com/webhook/handler"
    },
    "credentials": {
      "secret": "whsec_abc123def456",
      "previous_secret": "whsec_prev789xyz012",
      "previous_secret_invalid_at": "2024-02-16T10:00:00Z"
    }
  }
}

Configuration

The Configuration API is available for managed Outpost deployments only. It allows you to read and update instance-level settings — the same settings available as environment variables in self-hosted deployments.

Get Managed Configuration

Returns managed Outpost configuration values.

This endpoint is only available for the managed version. In self-hosted deployments, configuration is controlled through environment variables instead.

GET

/config

Request

Shell

curl -X GET \
  "https://api.outpost.hookdeck.com/2025-07-01/config" \
  -H "Authorization: Bearer $API_KEY"

Response

JSON

{
  "TOPICS": "user.created,user.updated",
  "DESTINATIONS_WEBHOOK_MODE": "default"
}

Update Managed Configuration

Updates one or more managed Outpost configuration values. Null values clear the configuration and reverts to Outpost default behavior.

This endpoint is only available for the managed version. In self-hosted deployments, configuration is controlled through environment variables instead.

Only the supported configuration keys are accepted.

PATCH

/config

Request

Shell

curl -X PATCH \
  "https://api.outpost.hookdeck.com/2025-07-01/config" \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
  "TOPICS": "user.created,user.updated",
  "DESTINATIONS_WEBHOOK_MODE": "default"
}'

Response

JSON

{
  "TOPICS": "user.created,user.updated",
  "DESTINATIONS_WEBHOOK_MODE": "default"
}

Publish

Use the Publish endpoint to send events into Outpost. Events are matched against all destinations whose topic subscriptions and filters match the event. Requires Admin API Key.

Publish Event

Publishes an event to the specified topic, potentially routed to a specific destination. Requires Admin API Key.

POST

/publish

Request

Shell

curl -X POST \
  "https://api.outpost.hookdeck.com/2025-07-01/publish" \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
  "id": "evt_custom_123",
  "tenant_id": "<TENANT_ID>",
  "destination_id": "<DESTINATION_ID>",
  "topic": "topic.name",
  "time": "2024-01-15T10:30:00Z",
  "metadata": {
    "source": "crm"
  },
  "data": {
    "user_id": "userid",
    "status": "active"
  }
}'

Response

JSON

{
  "id": "evt_abc123xyz789",
  "duplicate": false,
  "destination_ids": [
    "des_456",
    "des_789"
  ]
}

Retry

Triggers a retry for delivering an event to a destination. The event must exist and the destination must be enabled and match the event's topic.

Retry Event Delivery

Triggers a retry for delivering an event to a destination. The event must exist and the destination must be enabled and match the event's topic.

When authenticated with a Tenant JWT, only events belonging to that tenant can be retried. When authenticated with Admin API Key, events from any tenant can be retried.